Buffer Overflow Vulnerability in fwknop Allows for Denial of Service and Possible Code Execution

Buffer Overflow Vulnerability in fwknop Allows for Denial of Service and Possible Code Execution

CVE-2012-4436 · MEDIUM Severity

AV:L/AC:M/AU:N/C:P/I:P/A:P

Buffer overflow in the run_last_args function in client/fwknop.c in fwknop before 2.0.3, when processing --last, might allow local users to cause a denial of service (client crash) and possibly execute arbitrary code via many .fwknop.run arguments.

Learn more about our User Device Pen Test.